Hi
* Please help keeping the noise level low: Don't ask for ETA (stuff will be announced), use Thanks buttons to say thx, etc.
* This will work on "fully unlocked" WP7 devices only and is not limited to specific phones

thx, dcordes

HaRET (Handhelds Reverse Engineering Tool) has been used on smartphones and PDAs with previous WinCE (Windows Mobile) versions to

* boot the Linux kernel (=> use Linux based OS like Android)
* obtain information about hardware and software (=> reverse engineering) in order to accordingly modify the Linux kernel (drivers).

Famous HTC devices that are capable of running HaRET are the QSD8250 based HTC HD2 and a wide range of MSM7xxA based phones like the diamond, raphael and touch pro 2.

WP7 is and will be shipped on many devices with quality hardware. In order to be able to run Linux on these, a novel aim is to investigate the use of HaRET on WP7 based devices. WP7 is known to possess several mechanisms to prevent this.

A discussion about the problem has been started on the official HaRET development mailing list by Jaxbot: http://lists.linuxtogo.org/pipermail...ry/000150.html You need to send a subscription mail in order to write to the list. The original creators of HaRET as well as many good developers with low level skills (from XDA: Cotulla, NetRipper, cr2) are subscribed to it but maybe not many of them have access to a WP7 device.

I did a bit of housecleaning on this thread as I would hate to see this become your old Android-HD2 port thread

I want to see some real discussions going on in here (for a change).

So, HaRET must be, if memory serves me well, developed based on the processor, right? If it worked so well for the HD2, considering that most WP7+ devices from HTC also use Snapdragon's.... it should only take a few tweaks to get it to run (at least compatibility with HW) with most HTC WP7+ devices. The problems will be (I guess):

* Porting over from WM6.5 to WP7+ (may not be as bad as it sounds);
* Making sure that whatever this thing is coded with, it does not have interoplock code running on it (which I think will be kinda difficult considering that several apps that require access to less critical areas of the device require this). If it is interoplocked, then you will run into the issue of multiple versions out there (see Heathcliff's interopunlock thread to see/learn about the HTC variants on the new drivers, etc);
* Drivers, kernels, etc... but I believe that the HW specs between WP7+ devices and the HD2 are not so different, so you may even be able to get the same kernels to work with a few tweaks.

Here's what I know, on the WP7 side of things:
A lot of APIs were removed, but the core pieces of CE still remain. I don't know what HaRET does to load Linux into the memory, but I would be shocked if it wasn't possible.

Part of the APIs that were removed were GUI related. This is why HaRET segfaults when you try to load it on a full unlocked device. If these pieces were removed, making it rely only on the command line, the loader might actually work, more or less. A WP7 Silverlight app could easily be built to serve as a launcher for it.

Those pieces aside, it is basically the technical pieces that have yet to be dug into that we are bound to run into. Curious to see what will happen, glad to see this getting some attention. Cheers!

I don't have much insight on how the kernel is loaded either. Obviously it's important for HaRET to have a non-protected memory region it is allowed to write to and then there is something called trampoline that will flush remaining memory and execute the kernel...

Can you try to rename your default.txt into startup.txt? In presence of startup.txt inside the directory of the executable, HaRET will automatically run commands inside that file, rather than first showing the GUI. (Maybe it will still crash cause it still depends on the libraries although they won't be used? See linload below)

Also be sure to create a file named earlyharetlog.txt and check the resulting log in haretlog.txt which would be a good thing to put on the mailing list.

The other way to invoke HaRET commands is through haretconsole (also check doku above). Once the gui shows you can tap a listen button and haret will launch a telnet server. You can then connect remotely from your computer OR (and that might become our replacement gui) from a local telnet client on the phone. There is one available in the wp7 software manager: http://www.windowsphone.com/en-GB/ap...0-9d82b6b18213

One possible way to cut through all GUI right now is the linload feature of haret that will burn loader, kernel, startup.txt and initrd into one single exe. Requires local source code and build environment to create. I think it is very likely that this will not depend on any GUI libs so we should really try in case of startup.txt failure!

Beside linload we might create a HaRET stripped from GUI that will be accessible via haretconsole only until we have a new WP7 compatible GUI.
